Repository: ambari Updated Branches: refs/heads/branch-feature-AMBARI-21674 c839dbfe4 -> ff8f686f8
http://git-wip-us.apache.org/repos/asf/ambari/blob/f844e5f3/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/KerberosServerActionTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/KerberosServerActionTest.java b/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/KerberosServerActionTest.java index 7bf26c5..e6f0868 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/KerberosServerActionTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/KerberosServerActionTest.java @@ -18,15 +18,13 @@ package org.apache.ambari.server.serveraction.kerberos; -import static org.easymock.EasyMock.createNiceMock; +import static org.easymock.EasyMock.anyObject; +import static org.easymock.EasyMock.anyString; import static org.easymock.EasyMock.expect; -import static org.easymock.EasyMock.replay; -import static org.easymock.EasyMock.verify; -import static org.mockito.Matchers.anyString; -import static org.mockito.Mockito.mock; -import static org.mockito.Mockito.when; +import static org.easymock.EasyMock.expectLastCall; import java.io.File; +import java.util.Collections; import java.util.HashMap; import java.util.Map; import java.util.concurrent.ConcurrentHashMap; @@ -45,7 +43,7 @@ import org.apache.ambari.server.security.credential.PrincipalKeyCredential; import org.apache.ambari.server.state.Cluster; import org.apache.ambari.server.state.Clusters; import org.apache.ambari.server.state.stack.OsFamily; -import org.easymock.EasyMock; +import org.easymock.EasyMockSupport; import org.junit.After; import org.junit.Before; import org.junit.Test; @@ -53,11 +51,10 @@ import org.junit.Test; import com.google.inject.AbstractModule; import com.google.inject.Guice; import com.google.inject.Injector; -import com.google.inject.Provider; import junit.framework.Assert; -public class KerberosServerActionTest { +public class KerberosServerActionTest extends EasyMockSupport { Map<String, String> commandParams = new HashMap<>(); File temporaryDirectory; @@ -66,49 +63,53 @@ public class KerberosServerActionTest { @Before public void setUp() throws Exception { - final Cluster cluster = mock(Cluster.class); + Cluster cluster = createMock(Cluster.class); - final Clusters clusters = mock(Clusters.class); - when(clusters.getCluster(anyString())).thenReturn(cluster); + Clusters clusters = createMock(Clusters.class); + expect(clusters.getCluster(anyString())).andReturn(cluster).anyTimes(); - final ExecutionCommand mockExecutionCommand = mock(ExecutionCommand.class); - final HostRoleCommand mockHostRoleCommand = mock(HostRoleCommand.class); + ExecutionCommand mockExecutionCommand = createMock(ExecutionCommand.class); + HostRoleCommand mockHostRoleCommand = createMock(HostRoleCommand.class); + + action = new KerberosServerAction() { + + @Override + protected CommandReport processIdentity(Map<String, String> identityRecord, String evaluatedPrincipal, + KerberosOperationHandler operationHandler, + Map<String, String> kerberosConfiguration, + Map<String, Object> requestSharedDataContext) + throws AmbariException { + Assert.assertNotNull(requestSharedDataContext); + + if (requestSharedDataContext.get("FAIL") != null) { + return createCommandReport(1, HostRoleStatus.FAILED, "{}", "ERROR", "ERROR"); + } else { + requestSharedDataContext.put(identityRecord.get(KerberosIdentityDataFileReader.PRINCIPAL), evaluatedPrincipal); + return null; + } + } + + @Override + public CommandReport execute(ConcurrentMap<String, Object> requestSharedDataContext) + throws AmbariException, InterruptedException { + return processIdentities(requestSharedDataContext); + } + }; + action.setExecutionCommand(mockExecutionCommand); + action.setHostRoleCommand(mockHostRoleCommand); injector = Guice.createInjector(new AbstractModule() { @Override protected void configure() { - bind(KerberosHelper.class).toInstance(createNiceMock(KerberosHelper.class)); - Provider<EntityManager> entityManagerProvider = createNiceMock(Provider.class); - bind(EntityManager.class).toProvider(entityManagerProvider); - bind(KerberosServerAction.class).toInstance(new KerberosServerAction() { - - @Override - protected CommandReport processIdentity(Map<String, String> identityRecord, String evaluatedPrincipal, - KerberosOperationHandler operationHandler, - Map<String, String> kerberosConfiguration, - Map<String, Object> requestSharedDataContext) - throws AmbariException { - Assert.assertNotNull(requestSharedDataContext); - - if (requestSharedDataContext.get("FAIL") != null) { - return createCommandReport(1, HostRoleStatus.FAILED, "{}", "ERROR", "ERROR"); - } else { - requestSharedDataContext.put(identityRecord.get(KerberosIdentityDataFileReader.PRINCIPAL), evaluatedPrincipal); - return null; - } - } - - @Override - public CommandReport execute(ConcurrentMap<String, Object> requestSharedDataContext) - throws AmbariException, InterruptedException { - return processIdentities(requestSharedDataContext); - } - }); + bind(KerberosHelper.class).toInstance(createMock(KerberosHelper.class)); + bind(KerberosServerAction.class).toInstance(action); + bind(EntityManager.class).toInstance(createNiceMock(EntityManager.class)); bind(Clusters.class).toInstance(clusters); bind(OsFamily.class).toInstance(createNiceMock(OsFamily.class)); bind(AuditLogger.class).toInstance(createNiceMock(AuditLogger.class)); + bind(KerberosOperationHandlerFactory.class).toInstance(createMock(KerberosOperationHandlerFactory.class)); } }); @@ -133,13 +134,17 @@ public class KerberosServerActionTest { commandParams.put(KerberosServerAction.DEFAULT_REALM, "REALM.COM"); commandParams.put(KerberosServerAction.KDC_TYPE, KDCType.MIT_KDC.toString()); - when(mockExecutionCommand.getCommandParams()).thenReturn(commandParams); - when(mockExecutionCommand.getClusterName()).thenReturn("c1"); - - action = injector.getInstance(KerberosServerAction.class); - - action.setExecutionCommand(mockExecutionCommand); - action.setHostRoleCommand(mockHostRoleCommand); + expect(mockExecutionCommand.getCommandParams()).andReturn(commandParams).anyTimes(); + expect(mockExecutionCommand.getClusterName()).andReturn("c1").anyTimes(); + expect(mockExecutionCommand.getConfigurations()).andReturn(Collections.emptyMap()).anyTimes(); + expect(mockExecutionCommand.getRoleCommand()).andReturn(null).anyTimes(); + expect(mockExecutionCommand.getConfigurationTags()).andReturn(null).anyTimes(); + expect(mockExecutionCommand.getRole()).andReturn(null).anyTimes(); + expect(mockExecutionCommand.getServiceName()).andReturn(null).anyTimes(); + expect(mockExecutionCommand.getTaskId()).andReturn(1L).anyTimes(); + + expect(mockHostRoleCommand.getRequestId()).andReturn(1L).anyTimes(); + expect(mockHostRoleCommand.getStageId()).andReturn(1L).anyTimes(); } @After @@ -189,17 +194,28 @@ public class KerberosServerActionTest { @Test public void testGetDataDirectoryPath() throws Exception { + replayAll(); Assert.assertEquals(temporaryDirectory.getAbsolutePath(), action.getDataDirectoryPath()); + verifyAll(); } @Test public void testProcessIdentitiesSuccess() throws Exception { KerberosHelper kerberosHelper = injector.getInstance(KerberosHelper.class); - expect(kerberosHelper.getKDCAdministratorCredentials(EasyMock.anyObject(String.class))) + expect(kerberosHelper.getKDCAdministratorCredentials(anyObject(String.class))) .andReturn(new PrincipalKeyCredential("principal", "password")) .anyTimes(); - replay(kerberosHelper); + KerberosOperationHandler kerberosOperationHandler = createMock(KerberosOperationHandler.class); + kerberosOperationHandler.open(anyObject(PrincipalKeyCredential.class), anyString(), anyObject(Map.class)); + expectLastCall().atLeastOnce(); + kerberosOperationHandler.close(); + expectLastCall().atLeastOnce(); + + KerberosOperationHandlerFactory factory = injector.getInstance(KerberosOperationHandlerFactory.class); + expect(factory.getKerberosOperationHandler(KDCType.MIT_KDC)).andReturn(kerberosOperationHandler).once(); + + replayAll(); ConcurrentMap<String, Object> sharedMap = new ConcurrentHashMap<>(); CommandReport report = action.processIdentities(sharedMap); @@ -210,17 +226,26 @@ public class KerberosServerActionTest { Assert.assertEquals(entry.getValue(), entry.getKey()); } - verify(kerberosHelper); + verifyAll(); } @Test public void testProcessIdentitiesFail() throws Exception { KerberosHelper kerberosHelper = injector.getInstance(KerberosHelper.class); - expect(kerberosHelper.getKDCAdministratorCredentials(EasyMock.anyObject(String.class))) + expect(kerberosHelper.getKDCAdministratorCredentials(anyObject(String.class))) .andReturn(new PrincipalKeyCredential("principal", "password")) .anyTimes(); - replay(kerberosHelper); + KerberosOperationHandler kerberosOperationHandler = createMock(KerberosOperationHandler.class); + kerberosOperationHandler.open(anyObject(PrincipalKeyCredential.class), anyString(), anyObject(Map.class)); + expectLastCall().atLeastOnce(); + kerberosOperationHandler.close(); + expectLastCall().atLeastOnce(); + + KerberosOperationHandlerFactory factory = injector.getInstance(KerberosOperationHandlerFactory.class); + expect(factory.getKerberosOperationHandler(KDCType.MIT_KDC)).andReturn(kerberosOperationHandler).once(); + + replayAll(); ConcurrentMap<String, Object> sharedMap = new ConcurrentHashMap<>(); sharedMap.put("FAIL", "true"); @@ -229,6 +254,6 @@ public class KerberosServerActionTest { Assert.assertNotNull(report); Assert.assertEquals(HostRoleStatus.FAILED.toString(), report.getStatus()); - verify(kerberosHelper); + verifyAll(); } } http://git-wip-us.apache.org/repos/asf/ambari/blob/f844e5f3/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/MITKerberosOperationHandlerTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/MITKerberosOperationHandlerTest.java b/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/MITKerberosOperationHandlerTest.java index 04d03be..848d479 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/MITKerberosOperationHandlerTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/MITKerberosOperationHandlerTest.java @@ -19,12 +19,9 @@ package org.apache.ambari.server.serveraction.kerberos; import static org.easymock.EasyMock.anyObject; -import static org.easymock.EasyMock.anyString; import static org.easymock.EasyMock.capture; import static org.easymock.EasyMock.expect; import static org.easymock.EasyMock.newCapture; -import static org.easymock.EasyMock.replay; -import static org.easymock.EasyMock.verify; import java.lang.reflect.Method; import java.util.HashMap; @@ -36,11 +33,8 @@ import org.apache.ambari.server.state.Clusters; import org.apache.ambari.server.state.stack.OsFamily; import org.apache.ambari.server.utils.ShellCommandUtil; import org.easymock.Capture; -import org.easymock.EasyMock; -import org.easymock.IAnswer; -import org.easymock.IMockBuilder; +import org.junit.Before; import org.junit.BeforeClass; -import org.junit.Ignore; import org.junit.Test; import com.google.inject.AbstractModule; @@ -49,15 +43,7 @@ import com.google.inject.Injector; import junit.framework.Assert; -public class MITKerberosOperationHandlerTest extends KerberosOperationHandlerTest { - - private static final String DEFAULT_ADMIN_PRINCIPAL = "admin/admin"; - private static final String DEFAULT_ADMIN_PASSWORD = "hadoop"; - private static final String DEFAULT_REALM = "EXAMPLE.COM"; - - private static Injector injector; - - private static Method methodExecuteCommand; +public class MITKerberosOperationHandlerTest extends KDCKerberosOperationHandlerTest { private static final Map<String, String> KERBEROS_ENV_MAP = new HashMap<String, String>() { { @@ -69,105 +55,75 @@ public class MITKerberosOperationHandlerTest extends KerberosOperationHandlerTes } }; + private static Method methodIsOpen; + + private static Method methodPrincipalExists; + + private static Method methodInvokeKAdmin; + + private Injector injector; + @BeforeClass - public static void beforeClass() throws Exception { + public static void beforeClassMITKerberosOperationHandlerTestC() throws Exception { + methodIsOpen = KerberosOperationHandler.class.getDeclaredMethod("isOpen"); + methodPrincipalExists = MITKerberosOperationHandler.class.getDeclaredMethod("principalExists", String.class, boolean.class); + methodInvokeKAdmin = MITKerberosOperationHandler.class.getDeclaredMethod("invokeKAdmin", String.class); + } + + @Before + public void beforeMITKerberosOperationHandlerTest() throws Exception { injector = Guice.createInjector(new AbstractModule() { @Override protected void configure() { - Configuration configuration = EasyMock.createNiceMock(Configuration.class); + Configuration configuration = createNiceMock(Configuration.class); expect(configuration.getServerOsFamily()).andReturn("redhat6").anyTimes(); expect(configuration.getKerberosOperationRetryTimeout()).andReturn(1).anyTimes(); - replay(configuration); - bind(Clusters.class).toInstance(EasyMock.createNiceMock(Clusters.class)); + bind(Clusters.class).toInstance(createNiceMock(Clusters.class)); bind(Configuration.class).toInstance(configuration); - bind(OsFamily.class).toInstance(EasyMock.createNiceMock(OsFamily.class)); + bind(OsFamily.class).toInstance(createNiceMock(OsFamily.class)); } }); - - methodExecuteCommand = KerberosOperationHandler.class.getDeclaredMethod( - "executeCommand", - String[].class, - Map.class, - ShellCommandUtil.InteractiveHandler.class); } + @Test - public void testSetPrincipalPasswordExceptions() throws Exception { - MITKerberosOperationHandler handler = injector.getInstance(MITKerberosOperationHandler.class); - handler.open(new PrincipalKeyCredential(DEFAULT_ADMIN_PRINCIPAL, DEFAULT_ADMIN_PASSWORD), DEFAULT_REALM, KERBEROS_ENV_MAP); + public void testSetPrincipalPassword() throws Exception { + MITKerberosOperationHandler handler = createMockedHandler(methodIsOpen, methodPrincipalExists); - try { - handler.setPrincipalPassword(DEFAULT_ADMIN_PRINCIPAL, null); - Assert.fail("KerberosOperationException not thrown for null password"); - } catch (Throwable t) { - Assert.assertEquals(KerberosOperationException.class, t.getClass()); - } + expect(handler.isOpen()).andReturn(true).atLeastOnce(); + expect(handler.principalExists(DEFAULT_ADMIN_PRINCIPAL, false)).andReturn(true).atLeastOnce(); + expect(handler.principalExists(null, false)).andReturn(false).atLeastOnce(); + expect(handler.principalExists("", false)).andReturn(false).atLeastOnce(); - try { - handler.setPrincipalPassword(DEFAULT_ADMIN_PRINCIPAL, ""); - Assert.fail("KerberosOperationException not thrown for empty password"); - handler.createPrincipal("", "1234", false); - Assert.fail("AmbariException not thrown for empty principal"); - } catch (Throwable t) { - Assert.assertEquals(KerberosOperationException.class, t.getClass()); - } + replayAll(); + + Integer expected = 0; + + // setPrincipalPassword should always return 0 + Assert.assertEquals(expected, handler.setPrincipalPassword(DEFAULT_ADMIN_PRINCIPAL, null, false)); + Assert.assertEquals(expected, handler.setPrincipalPassword(DEFAULT_ADMIN_PRINCIPAL, "", false)); try { - handler.setPrincipalPassword(null, DEFAULT_ADMIN_PASSWORD); - Assert.fail("KerberosOperationException not thrown for null principal"); - } catch (Throwable t) { - Assert.assertEquals(KerberosOperationException.class, t.getClass()); + handler.setPrincipalPassword(null, DEFAULT_ADMIN_PASSWORD, false); + Assert.fail("Expected KerberosPrincipalDoesNotExistException"); + } catch (KerberosPrincipalDoesNotExistException e) { + // Expected... } try { - handler.setPrincipalPassword("", DEFAULT_ADMIN_PASSWORD); - Assert.fail("KerberosOperationException not thrown for empty principal"); - } catch (Throwable t) { - Assert.assertEquals(KerberosOperationException.class, t.getClass()); + handler.setPrincipalPassword("", DEFAULT_ADMIN_PASSWORD, false); + Assert.fail("Expected KerberosPrincipalDoesNotExistException"); + } catch (KerberosPrincipalDoesNotExistException e) { + // Expected... } - } - - @Test(expected = KerberosPrincipalDoesNotExistException.class) - public void testSetPrincipalPasswordPrincipalDoesNotExist() throws Exception { - MITKerberosOperationHandler handler = createMockBuilder(MITKerberosOperationHandler.class) - .addMockedMethod(methodExecuteCommand) - .createNiceMock(); - injector.injectMembers(handler); - expect(handler.executeCommand(anyObject(String[].class), EasyMock.anyObject(), anyObject(MITKerberosOperationHandler.InteractivePasswordHandler.class))) - .andAnswer(new IAnswer<ShellCommandUtil.Result>() { - @Override - public ShellCommandUtil.Result answer() throws Throwable { - ShellCommandUtil.Result result = createMock(ShellCommandUtil.Result.class); - - expect(result.getExitCode()).andReturn(0).anyTimes(); - expect(result.isSuccessful()).andReturn(true).anyTimes(); - expect(result.getStderr()) - .andReturn("change_password: Principal does not exist while changing password for \"[email protected]\".") - .anyTimes(); - expect(result.getStdout()) - .andReturn("Authenticating as principal admin/admin with password.") - .anyTimes(); - - replay(result); - return result; - } - }); - - replayAll(); - - handler.open(new PrincipalKeyCredential(DEFAULT_ADMIN_PRINCIPAL, DEFAULT_ADMIN_PASSWORD), DEFAULT_REALM, KERBEROS_ENV_MAP); - handler.setPrincipalPassword("[email protected]", "password"); - handler.close(); + verifyAll(); } @Test public void testCreateServicePrincipal_AdditionalAttributes() throws Exception { - Method invokeKAdmin = MITKerberosOperationHandler.class.getDeclaredMethod("invokeKAdmin", String.class, String.class); - Capture<? extends String> query = newCapture(); - Capture<? extends String> password = newCapture(); ShellCommandUtil.Result result1 = createNiceMock(ShellCommandUtil.Result.class); expect(result1.getStderr()).andReturn("").anyTimes(); @@ -177,72 +133,40 @@ public class MITKerberosOperationHandlerTest extends KerberosOperationHandlerTes expect(result2.getStderr()).andReturn("").anyTimes(); expect(result2.getStdout()).andReturn("Key: vno 1").anyTimes(); - MITKerberosOperationHandler handler = createMockBuilder(MITKerberosOperationHandler.class) - .addMockedMethod(invokeKAdmin) - .createStrictMock(); + ShellCommandUtil.Result kinitResult = createMock(ShellCommandUtil.Result.class); + expect(kinitResult.isSuccessful()).andReturn(true); - expect(handler.invokeKAdmin(capture(query), anyString())).andReturn(result1).once(); - expect(handler.invokeKAdmin("get_principal " + DEFAULT_ADMIN_PRINCIPAL, null)).andReturn(result2).once(); + MITKerberosOperationHandler handler = createMockedHandler(methodInvokeKAdmin, methodExecuteCommand); + expect(handler.executeCommand(anyObject(String[].class), anyObject(Map.class), anyObject(KDCKerberosOperationHandler.InteractivePasswordHandler.class))) + .andReturn(kinitResult) + .once(); + expect(handler.invokeKAdmin(capture(query))).andReturn(result1).once(); - replay(handler, result1, result2); + replayAll(); - handler.open(new PrincipalKeyCredential(DEFAULT_ADMIN_PRINCIPAL, DEFAULT_ADMIN_PASSWORD), DEFAULT_REALM, KERBEROS_ENV_MAP); + handler.open(getAdminCredentials(), DEFAULT_REALM, KERBEROS_ENV_MAP); handler.createPrincipal(DEFAULT_ADMIN_PRINCIPAL, DEFAULT_ADMIN_PASSWORD, false); + handler.close(); - verify(handler, result1, result2); + verifyAll(); Assert.assertTrue(query.getValue().contains(" " + KERBEROS_ENV_MAP.get(MITKerberosOperationHandler.KERBEROS_ENV_KDC_CREATE_ATTRIBUTES) + " ")); } - @Test(expected = KerberosPrincipalAlreadyExistsException.class) - public void testCreatePrincipalPrincipalAlreadyNotExists() throws Exception { - MITKerberosOperationHandler handler = createMock(); - - expect(handler.executeCommand(anyObject(String[].class), EasyMock.anyObject(), anyObject(MITKerberosOperationHandler.InteractivePasswordHandler.class))) - .andAnswer(new IAnswer<ShellCommandUtil.Result>() { - @Override - public ShellCommandUtil.Result answer() throws Throwable { - ShellCommandUtil.Result result = createMock(ShellCommandUtil.Result.class); - - expect(result.getExitCode()).andReturn(0).anyTimes(); - expect(result.isSuccessful()).andReturn(true).anyTimes(); - expect(result.getStderr()) - .andReturn("add_principal: Principal or policy already exists while creating \"[email protected]\".") - .anyTimes(); - expect(result.getStdout()) - .andReturn("Authenticating as principal admin/admin with password.") - .anyTimes(); - - replay(result); - return result; - } - }); - - replayAll(); - - handler.open(new PrincipalKeyCredential(DEFAULT_ADMIN_PRINCIPAL, DEFAULT_ADMIN_PASSWORD), DEFAULT_REALM, KERBEROS_ENV_MAP); - handler.createPrincipal("[email protected]", "password", false); - handler.close(); - } @Test - public void testCreateServicePrincipal_Exceptions() throws Exception { - MITKerberosOperationHandler handler = new MITKerberosOperationHandler(); - handler.open(new PrincipalKeyCredential(DEFAULT_ADMIN_PRINCIPAL, DEFAULT_ADMIN_PASSWORD), DEFAULT_REALM, KERBEROS_ENV_MAP); + public void testCreateServicePrincipalExceptions() throws Exception { + ShellCommandUtil.Result kinitResult = createMock(ShellCommandUtil.Result.class); + expect(kinitResult.isSuccessful()).andReturn(true); - try { - handler.createPrincipal(DEFAULT_ADMIN_PRINCIPAL, null, false); - Assert.fail("KerberosOperationException not thrown for null password"); - } catch (Throwable t) { - Assert.assertEquals(KerberosOperationException.class, t.getClass()); - } + MITKerberosOperationHandler handler = createMockedHandler(methodExecuteCommand); + expect(handler.executeCommand(anyObject(String[].class), anyObject(Map.class), anyObject(KDCKerberosOperationHandler.InteractivePasswordHandler.class))) + .andReturn(kinitResult) + .once(); - try { - handler.createPrincipal(DEFAULT_ADMIN_PRINCIPAL, "", false); - Assert.fail("KerberosOperationException not thrown for empty password"); - } catch (Throwable t) { - Assert.assertEquals(KerberosOperationException.class, t.getClass()); - } + replayAll(); + + handler.open(new PrincipalKeyCredential(DEFAULT_ADMIN_PRINCIPAL, DEFAULT_ADMIN_PASSWORD), DEFAULT_REALM, KERBEROS_ENV_MAP); try { handler.createPrincipal(null, DEFAULT_ADMIN_PASSWORD, false); @@ -257,339 +181,156 @@ public class MITKerberosOperationHandlerTest extends KerberosOperationHandlerTes } catch (Throwable t) { Assert.assertEquals(KerberosOperationException.class, t.getClass()); } - } - @Test(expected = KerberosAdminAuthenticationException.class) - public void testTestAdministratorCredentialsIncorrectAdminPassword() throws Exception { - MITKerberosOperationHandler handler = createMock(); - - expect(handler.executeCommand(anyObject(String[].class), EasyMock.anyObject(), anyObject(MITKerberosOperationHandler.InteractivePasswordHandler.class))) - .andAnswer(new IAnswer<ShellCommandUtil.Result>() { - @Override - public ShellCommandUtil.Result answer() throws Throwable { - ShellCommandUtil.Result result = createMock(ShellCommandUtil.Result.class); - - expect(result.getExitCode()).andReturn(1).anyTimes(); - expect(result.isSuccessful()).andReturn(false).anyTimes(); - expect(result.getStderr()) - .andReturn("kadmin: Incorrect password while initializing kadmin interface") - .anyTimes(); - expect(result.getStdout()) - .andReturn("Authenticating as principal admin/admin with password.") - .anyTimes(); - - replay(result); - return result; - } - }); - - replayAll(); - - handler.open(new PrincipalKeyCredential(DEFAULT_ADMIN_PRINCIPAL, DEFAULT_ADMIN_PASSWORD), DEFAULT_REALM, KERBEROS_ENV_MAP); - handler.testAdministratorCredentials(); - handler.close(); - } - - @Test(expected = KerberosAdminAuthenticationException.class) - public void testTestAdministratorCredentialsIncorrectAdminPrincipal() throws Exception { - MITKerberosOperationHandler handler = createMock(); - - expect(handler.executeCommand(anyObject(String[].class), EasyMock.anyObject(), anyObject(MITKerberosOperationHandler.InteractivePasswordHandler.class))) - .andAnswer(new IAnswer<ShellCommandUtil.Result>() { - @Override - public ShellCommandUtil.Result answer() throws Throwable { - ShellCommandUtil.Result result = createMock(ShellCommandUtil.Result.class); - - expect(result.getExitCode()).andReturn(1).anyTimes(); - expect(result.isSuccessful()).andReturn(false).anyTimes(); - expect(result.getStderr()) - .andReturn("kadmin: Client not found in Kerberos database while initializing kadmin interface") - .anyTimes(); - expect(result.getStdout()) - .andReturn("Authenticating as principal admin/admin with password.") - .anyTimes(); - - replay(result); - return result; - } - }); - - replayAll(); - - handler.open(new PrincipalKeyCredential(DEFAULT_ADMIN_PRINCIPAL, DEFAULT_ADMIN_PASSWORD), DEFAULT_REALM, KERBEROS_ENV_MAP); - handler.testAdministratorCredentials(); - handler.close(); - } - - @Test(expected = KerberosRealmException.class) - public void testTestAdministratorCredentialsInvalidRealm() throws Exception { - MITKerberosOperationHandler handler = createMock(); - - expect(handler.executeCommand(anyObject(String[].class), EasyMock.anyObject(), anyObject(MITKerberosOperationHandler.InteractivePasswordHandler.class))) - .andAnswer(new IAnswer<ShellCommandUtil.Result>() { - @Override - public ShellCommandUtil.Result answer() throws Throwable { - ShellCommandUtil.Result result = createMock(ShellCommandUtil.Result.class); - - expect(result.getExitCode()).andReturn(1).anyTimes(); - expect(result.isSuccessful()).andReturn(false).anyTimes(); - expect(result.getStderr()) - .andReturn("kadmin: Missing parameters in krb5.conf required for kadmin client while initializing kadmin interface") - .anyTimes(); - expect(result.getStdout()) - .andReturn("Authenticating as principal admin/admin with password.") - .anyTimes(); - - replay(result); - return result; - } - }); - - replayAll(); - - handler.open(new PrincipalKeyCredential(DEFAULT_ADMIN_PRINCIPAL, DEFAULT_ADMIN_PASSWORD), DEFAULT_REALM, KERBEROS_ENV_MAP); - handler.testAdministratorCredentials(); - handler.close(); - } - - @Test(expected = KerberosRealmException.class) - public void testTestAdministratorCredentialsInvalidRealm2() throws Exception { - MITKerberosOperationHandler handler = createMock(); - - expect(handler.executeCommand(anyObject(String[].class), EasyMock.anyObject(), anyObject(MITKerberosOperationHandler.InteractivePasswordHandler.class))) - .andAnswer(new IAnswer<ShellCommandUtil.Result>() { - @Override - public ShellCommandUtil.Result answer() throws Throwable { - ShellCommandUtil.Result result = createMock(ShellCommandUtil.Result.class); - - expect(result.getExitCode()).andReturn(1).anyTimes(); - expect(result.isSuccessful()).andReturn(false).anyTimes(); - expect(result.getStderr()) - .andReturn("kadmin: Cannot find KDC for requested realm while initializing kadmin interface") - .anyTimes(); - expect(result.getStdout()) - .andReturn("Authenticating as principal admin/admin with password.") - .anyTimes(); - - replay(result); - return result; - } - }); - - replayAll(); - - handler.open(new PrincipalKeyCredential(DEFAULT_ADMIN_PRINCIPAL, DEFAULT_ADMIN_PASSWORD), DEFAULT_REALM, KERBEROS_ENV_MAP); - handler.testAdministratorCredentials(); - handler.close(); + verifyAll(); } @Test(expected = KerberosKDCConnectionException.class) - public void testTestAdministratorCredentialsKDCConnectionException() throws Exception { - MITKerberosOperationHandler handler = createMock(); - - expect(handler.executeCommand(anyObject(String[].class), EasyMock.anyObject(), anyObject(MITKerberosOperationHandler.InteractivePasswordHandler.class))) - .andAnswer(new IAnswer<ShellCommandUtil.Result>() { - @Override - public ShellCommandUtil.Result answer() throws Throwable { - ShellCommandUtil.Result result = createMock(ShellCommandUtil.Result.class); - - expect(result.getExitCode()).andReturn(1).anyTimes(); - expect(result.isSuccessful()).andReturn(false).anyTimes(); - expect(result.getStderr()) - .andReturn("kadmin: Cannot contact any KDC for requested realm while initializing kadmin interface") - .anyTimes(); - expect(result.getStdout()) - .andReturn("Authenticating as principal admin/admin with password.") - .anyTimes(); - - replay(result); - return result; - } - }); + public void testKDCConnectionException() throws Exception { + ShellCommandUtil.Result kinitResult = createMock(ShellCommandUtil.Result.class); + expect(kinitResult.isSuccessful()).andReturn(true).anyTimes(); + + ShellCommandUtil.Result kadminResult = createMock(ShellCommandUtil.Result.class); + expect(kadminResult.getExitCode()).andReturn(1).anyTimes(); + expect(kadminResult.isSuccessful()).andReturn(false).anyTimes(); + expect(kadminResult.getStderr()) + .andReturn("kadmin: Cannot contact any KDC for requested realm while initializing kadmin interface") + .anyTimes(); + expect(kadminResult.getStdout()) + .andReturn("Authenticating as principal admin/admin with password.") + .anyTimes(); + + MITKerberosOperationHandler handler = createMockedHandler(methodExecuteCommand); + expect(handler.executeCommand(anyObject(String[].class), anyObject(Map.class), anyObject(KDCKerberosOperationHandler.InteractivePasswordHandler.class))) + .andReturn(kinitResult) + .once(); + expect(handler.executeCommand(anyObject(String[].class), anyObject(Map.class), anyObject(KDCKerberosOperationHandler.InteractivePasswordHandler.class))) + .andReturn(kadminResult) + .once(); replayAll(); - handler.open(new PrincipalKeyCredential(DEFAULT_ADMIN_PRINCIPAL, DEFAULT_ADMIN_PASSWORD), DEFAULT_REALM, KERBEROS_ENV_MAP); + handler.open(getAdminCredentials(), DEFAULT_REALM, KERBEROS_ENV_MAP); handler.testAdministratorCredentials(); handler.close(); + + verifyAll(); } @Test(expected = KerberosKDCConnectionException.class) public void testTestAdministratorCredentialsKDCConnectionException2() throws Exception { - MITKerberosOperationHandler handler = createMock(); - - expect(handler.executeCommand(anyObject(String[].class), EasyMock.anyObject(), anyObject(MITKerberosOperationHandler.InteractivePasswordHandler.class))) - .andAnswer(new IAnswer<ShellCommandUtil.Result>() { - @Override - public ShellCommandUtil.Result answer() throws Throwable { - ShellCommandUtil.Result result = createMock(ShellCommandUtil.Result.class); - - expect(result.getExitCode()).andReturn(1).anyTimes(); - expect(result.isSuccessful()).andReturn(false).anyTimes(); - expect(result.getStderr()) - .andReturn("kadmin: Cannot resolve network address for admin server in requested realm while initializing kadmin interface") - .anyTimes(); - expect(result.getStdout()) - .andReturn("Authenticating as principal admin/admin with password.") - .anyTimes(); - - replay(result); - return result; - } - }); + ShellCommandUtil.Result kinitResult = createMock(ShellCommandUtil.Result.class); + expect(kinitResult.isSuccessful()).andReturn(true).anyTimes(); + + ShellCommandUtil.Result kadminResult = createMock(ShellCommandUtil.Result.class); + expect(kadminResult.getExitCode()).andReturn(1).anyTimes(); + expect(kadminResult.isSuccessful()).andReturn(false).anyTimes(); + expect(kadminResult.getStderr()) + .andReturn("kadmin: Cannot resolve network address for admin server in requested realm while initializing kadmin interface") + .anyTimes(); + expect(kadminResult.getStdout()) + .andReturn("Authenticating as principal admin/admin with password.") + .anyTimes(); + + MITKerberosOperationHandler handler = createMockedHandler(methodExecuteCommand); + expect(handler.executeCommand(anyObject(String[].class), anyObject(Map.class), anyObject(KDCKerberosOperationHandler.InteractivePasswordHandler.class))) + .andReturn(kinitResult) + .once(); + expect(handler.executeCommand(anyObject(String[].class), anyObject(Map.class), anyObject(KDCKerberosOperationHandler.InteractivePasswordHandler.class))) + .andReturn(kadminResult) + .once(); replayAll(); - handler.open(new PrincipalKeyCredential(DEFAULT_ADMIN_PRINCIPAL, DEFAULT_ADMIN_PASSWORD), DEFAULT_REALM, KERBEROS_ENV_MAP); + handler.open(getAdminCredentials(), DEFAULT_REALM, KERBEROS_ENV_MAP); handler.testAdministratorCredentials(); handler.close(); - } - - @Test - public void testTestAdministratorCredentialsNotFound() throws Exception { - MITKerberosOperationHandler handler = createMock(); - - expect(handler.executeCommand(anyObject(String[].class), EasyMock.anyObject(), anyObject(MITKerberosOperationHandler.InteractivePasswordHandler.class))) - .andAnswer(new IAnswer<ShellCommandUtil.Result>() { - @Override - public ShellCommandUtil.Result answer() throws Throwable { - ShellCommandUtil.Result result = createMock(ShellCommandUtil.Result.class); - - expect(result.getExitCode()).andReturn(0).anyTimes(); - expect(result.isSuccessful()).andReturn(true).anyTimes(); - expect(result.getStderr()) - .andReturn("get_principal: Principal does not exist while retrieving \"admin/[email protected]\".") - .anyTimes(); - expect(result.getStdout()) - .andReturn("Authenticating as principal admin/admin with password.") - .anyTimes(); - - replay(result); - return result; - } - }); - - replayAll(); - handler.open(new PrincipalKeyCredential(DEFAULT_ADMIN_PRINCIPAL, DEFAULT_ADMIN_PASSWORD), DEFAULT_REALM, KERBEROS_ENV_MAP); - Assert.assertFalse(handler.testAdministratorCredentials()); - handler.close(); + verifyAll(); } - @Test - public void testTestAdministratorCredentialsSuccess() throws Exception { - MITKerberosOperationHandler handler = createMock(); - - expect(handler.executeCommand(anyObject(String[].class), EasyMock.anyObject(), anyObject(MITKerberosOperationHandler.InteractivePasswordHandler.class))) - .andAnswer(new IAnswer<ShellCommandUtil.Result>() { - @Override - public ShellCommandUtil.Result answer() throws Throwable { - ShellCommandUtil.Result result = createMock(ShellCommandUtil.Result.class); - - expect(result.getExitCode()).andReturn(0).anyTimes(); - expect(result.isSuccessful()).andReturn(true).anyTimes(); - expect(result.getStderr()) - .andReturn("") - .anyTimes(); - expect(result.getStdout()) - .andReturn("Authenticating as principal admin/admin with password.\n" + - "Principal: admin/[email protected]\n" + - "Expiration date: [never]\n" + - "Last password change: Thu Jan 08 13:09:52 UTC 2015\n" + - "Password expiration date: [none]\n" + - "Maximum ticket life: 1 day 00:00:00\n" + - "Maximum renewable life: 0 days 00:00:00\n" + - "Last modified: Thu Jan 08 13:09:52 UTC 2015 (root/[email protected])\n" + - "Last successful authentication: [never]\n" + - "Last failed authentication: [never]\n" + - "Failed password attempts: 0\n" + - "Number of keys: 6\n" + - "Key: vno 1, aes256-cts-hmac-sha1-96, no salt\n" + - "Key: vno 1, aes128-cts-hmac-sha1-96, no salt\n" + - "Key: vno 1, des3-cbc-sha1, no salt\n" + - "Key: vno 1, arcfour-hmac, no salt\n" + - "Key: vno 1, des-hmac-sha1, no salt\n" + - "Key: vno 1, des-cbc-md5, no salt\n" + - "MKey: vno 1\n" + - "Attributes:\n" + - "Policy: [none]") - .anyTimes(); - - replay(result); - return result; - } - }); - - replayAll(); - - handler.open(new PrincipalKeyCredential(DEFAULT_ADMIN_PRINCIPAL, DEFAULT_ADMIN_PASSWORD), DEFAULT_REALM, KERBEROS_ENV_MAP); - handler.testAdministratorCredentials(); - handler.close(); + @Override + protected MITKerberosOperationHandler createMockedHandler(Method... mockedMethods) { + MITKerberosOperationHandler handler = createMockBuilder(MITKerberosOperationHandler.class) + .addMockedMethods(mockedMethods) + .createMock(); + injector.injectMembers(handler); + return handler; } - @Test - @Ignore - public void testTestAdministratorCredentialsLive() throws KerberosOperationException { - MITKerberosOperationHandler handler = new MITKerberosOperationHandler(); - String principal = System.getProperty("principal"); - String password = System.getProperty("password"); - String realm = System.getProperty("realm"); - - if (principal == null) { - principal = DEFAULT_ADMIN_PRINCIPAL; - } - - if (password == null) { - password = DEFAULT_ADMIN_PASSWORD; - } - - if (realm == null) { - realm = DEFAULT_REALM; - } - - PrincipalKeyCredential credentials = new PrincipalKeyCredential(principal, password); - - handler.open(credentials, realm, KERBEROS_ENV_MAP); - handler.testAdministratorCredentials(); - handler.close(); + @Override + protected Map<String, String> getKerberosEnv() { + return KERBEROS_ENV_MAP; } - @Test - public void testInteractivePasswordHandler() { - MITKerberosOperationHandler.InteractivePasswordHandler handler = new MITKerberosOperationHandler.InteractivePasswordHandler("admin_password", "user_password"); - - handler.start(); - Assert.assertEquals("admin_password", handler.getResponse("password")); - Assert.assertFalse(handler.done()); - Assert.assertEquals("user_password", handler.getResponse("password")); - Assert.assertFalse(handler.done()); - Assert.assertEquals("user_password", handler.getResponse("password")); - Assert.assertTrue(handler.done()); - - // Test restarting - handler.start(); - Assert.assertEquals("admin_password", handler.getResponse("password")); - Assert.assertFalse(handler.done()); - Assert.assertEquals("user_password", handler.getResponse("password")); - Assert.assertFalse(handler.done()); - Assert.assertEquals("user_password", handler.getResponse("password")); - Assert.assertTrue(handler.done()); + @Override + protected void setupPrincipalAlreadyExists(KerberosOperationHandler handler, boolean service) throws Exception { + ShellCommandUtil.Result result = createMock(ShellCommandUtil.Result.class); + expect(result.getExitCode()).andReturn(0).anyTimes(); + expect(result.isSuccessful()).andReturn(true).anyTimes(); + expect(result.getStderr()) + .andReturn(String.format("add_principal: Principal or policy already exists while creating \"%[email protected]\".", (service) ? "service/host" : "user")) + .anyTimes(); + expect(result.getStdout()) + .andReturn("Authenticating as principal admin/admin with password.") + .anyTimes(); + + expect(handler.executeCommand(arrayContains(new String[]{"/usr/sbin/kadmin", "add_principal"}), anyObject(Map.class), anyObject(KDCKerberosOperationHandler.InteractivePasswordHandler.class))) + .andReturn(result) + .anyTimes(); } - private MITKerberosOperationHandler createMock(){ - return createMock(false); + @Override + protected void setupPrincipalDoesNotExist(KerberosOperationHandler handler, boolean service) throws Exception { + ShellCommandUtil.Result result = createMock(ShellCommandUtil.Result.class); + expect(result.getExitCode()).andReturn(0).anyTimes(); + expect(result.isSuccessful()).andReturn(true).anyTimes(); + expect(result.getStderr()) + .andReturn(String.format("get_principal: Principal does not exist while retrieving \"%[email protected]\".", (service) ? "service/host" : "user")) + .anyTimes(); + expect(result.getStdout()) + .andReturn("Authenticating as principal admin/admin with password.") + .anyTimes(); + + expect(handler.executeCommand(arrayContains(new String[]{"/usr/sbin/kadmin", "get_principal"}), anyObject(Map.class), anyObject(KDCKerberosOperationHandler.InteractivePasswordHandler.class))) + .andReturn(result) + .anyTimes(); } - private MITKerberosOperationHandler createMock(boolean strict) { - IMockBuilder<MITKerberosOperationHandler> mockBuilder = createMockBuilder(MITKerberosOperationHandler.class) - .addMockedMethod(methodExecuteCommand); - MITKerberosOperationHandler result; - if(strict){ - result = mockBuilder.createStrictMock(); - } else { - result = mockBuilder.createNiceMock(); - } - injector.injectMembers(result); - return result; + @Override + protected void setupPrincipalExists(KerberosOperationHandler handler, boolean service) throws Exception { + ShellCommandUtil.Result result = createMock(ShellCommandUtil.Result.class); + expect(result.getExitCode()).andReturn(0).anyTimes(); + expect(result.isSuccessful()).andReturn(true).anyTimes(); + expect(result.getStderr()) + .andReturn("") + .anyTimes(); + expect(result.getStdout()) + .andReturn(String.format("Authenticating as principal admin/admin with password.\n" + + "Principal: %[email protected]\n" + + "Expiration date: [never]\n" + + "Last password change: Thu Jan 08 13:09:52 UTC 2015\n" + + "Password expiration date: [none]\n" + + "Maximum ticket life: 1 day 00:00:00\n" + + "Maximum renewable life: 0 days 00:00:00\n" + + "Last modified: Thu Jan 08 13:09:52 UTC 2015 (root/[email protected])\n" + + "Last successful authentication: [never]\n" + + "Last failed authentication: [never]\n" + + "Failed password attempts: 0\n" + + "Number of keys: 6\n" + + "Key: vno 1, aes256-cts-hmac-sha1-96, no salt\n" + + "Key: vno 1, aes128-cts-hmac-sha1-96, no salt\n" + + "Key: vno 1, des3-cbc-sha1, no salt\n" + + "Key: vno 1, arcfour-hmac, no salt\n" + + "Key: vno 1, des-hmac-sha1, no salt\n" + + "Key: vno 1, des-cbc-md5, no salt\n" + + "MKey: vno 1\n" + + "Attributes:\n" + + "Policy: [none]", (service) ? "service/host" : "user")) + .anyTimes(); + + expect(handler.executeCommand(arrayContains(new String[]{"/usr/sbin/kadmin", "get_principal"}), anyObject(Map.class), anyObject(KDCKerberosOperationHandler.InteractivePasswordHandler.class))) + .andReturn(result) + .anyTimes(); } } \ No newline at end of file http://git-wip-us.apache.org/repos/asf/ambari/blob/f844e5f3/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog300Test.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog300Test.java b/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog300Test.java index 25e9dbf..bd8f5cb 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog300Test.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog300Test.java @@ -24,7 +24,9 @@ import static org.apache.ambari.server.upgrade.UpgradeCatalog300.SERVICE_DESIRED import static org.easymock.EasyMock.anyObject; import static org.easymock.EasyMock.anyString; import static org.easymock.EasyMock.capture; +import static org.easymock.EasyMock.createMock; import static org.easymock.EasyMock.createMockBuilder; +import static org.easymock.EasyMock.createNiceMock; import static org.easymock.EasyMock.eq; import static org.easymock.EasyMock.expect; import static org.easymock.EasyMock.expectLastCall; @@ -34,19 +36,23 @@ import static org.easymock.EasyMock.reset; import static org.easymock.EasyMock.verify; import static org.junit.Assert.assertTrue; +import java.lang.reflect.Field; import java.lang.reflect.Method; import java.util.Arrays; import java.util.Collection; import java.util.Collections; +import java.util.HashMap; import java.util.Map; import javax.persistence.EntityManager; +import org.apache.ambari.server.AmbariException; import org.apache.ambari.server.actionmanager.ActionManager; import org.apache.ambari.server.configuration.Configuration; import org.apache.ambari.server.controller.AmbariManagementController; import org.apache.ambari.server.controller.AmbariManagementControllerImpl; import org.apache.ambari.server.controller.MaintenanceStateHelper; +import org.apache.ambari.server.controller.ServiceConfigVersionResponse; import org.apache.ambari.server.orm.DBAccessor; import org.apache.ambari.server.state.Cluster; import org.apache.ambari.server.state.Clusters; @@ -130,13 +136,15 @@ public class UpgradeCatalog300Test { Method showHcatDeletedUserMessage = UpgradeCatalog300.class.getDeclaredMethod("showHcatDeletedUserMessage"); Method setStatusOfStagesAndRequests = UpgradeCatalog300.class.getDeclaredMethod("setStatusOfStagesAndRequests"); Method updateLogSearchConfigs = UpgradeCatalog300.class.getDeclaredMethod("updateLogSearchConfigs"); - - UpgradeCatalog300 upgradeCatalog300 = createMockBuilder(UpgradeCatalog300.class) - .addMockedMethod(showHcatDeletedUserMessage) - .addMockedMethod(addNewConfigurationsFromXml) - .addMockedMethod(setStatusOfStagesAndRequests) - .addMockedMethod(updateLogSearchConfigs) - .createMock(); + Method updateKerberosConfigurations = UpgradeCatalog300.class.getDeclaredMethod("updateKerberosConfigurations"); + + UpgradeCatalog300 upgradeCatalog300 = createMockBuilder(UpgradeCatalog300.class) + .addMockedMethod(showHcatDeletedUserMessage) + .addMockedMethod(addNewConfigurationsFromXml) + .addMockedMethod(setStatusOfStagesAndRequests) + .addMockedMethod(updateLogSearchConfigs) + .addMockedMethod(updateKerberosConfigurations) + .createMock(); upgradeCatalog300.addNewConfigurationsFromXml(); @@ -146,6 +154,9 @@ public class UpgradeCatalog300Test { upgradeCatalog300.updateLogSearchConfigs(); expectLastCall().once(); + upgradeCatalog300.updateKerberosConfigurations(); + expectLastCall().once(); + replay(upgradeCatalog300); upgradeCatalog300.executeDMLUpdates(); @@ -168,9 +179,12 @@ public class UpgradeCatalog300Test { Capture<DBAccessor.DBColumnInfo> hrcOpsDisplayNameColumn = newCapture(); dbAccessor.addColumn(eq(UpgradeCatalog300.HOST_ROLE_COMMAND_TABLE), capture(hrcOpsDisplayNameColumn)); - dbAccessor.dropColumn(COMPONENT_DESIRED_STATE_TABLE, SECURITY_STATE_COLUMN); expectLastCall().once(); - dbAccessor.dropColumn(COMPONENT_STATE_TABLE, SECURITY_STATE_COLUMN); expectLastCall().once(); - dbAccessor.dropColumn(SERVICE_DESIRED_STATE_TABLE, SECURITY_STATE_COLUMN); expectLastCall().once(); + dbAccessor.dropColumn(COMPONENT_DESIRED_STATE_TABLE, SECURITY_STATE_COLUMN); + expectLastCall().once(); + dbAccessor.dropColumn(COMPONENT_STATE_TABLE, SECURITY_STATE_COLUMN); + expectLastCall().once(); + dbAccessor.dropColumn(SERVICE_DESIRED_STATE_TABLE, SECURITY_STATE_COLUMN); + expectLastCall().once(); replay(dbAccessor, configuration); @@ -221,9 +235,9 @@ public class UpgradeCatalog300Test { Collection<Config> configs = Arrays.asList(confSomethingElse1, confLogSearchConf1, confSomethingElse2, confLogSearchConf2); expect(cluster.getAllConfigs()).andReturn(configs).atLeastOnce(); - configHelper.removeConfigsByType(cluster,"service-1-logsearch-conf"); + configHelper.removeConfigsByType(cluster, "service-1-logsearch-conf"); expectLastCall().once(); - configHelper.removeConfigsByType(cluster,"service-2-logsearch-conf"); + configHelper.removeConfigsByType(cluster, "service-2-logsearch-conf"); expectLastCall().once(); configHelper.createConfigType(anyObject(Cluster.class), anyObject(StackId.class), eq(controller), eq("logsearch-common-properties"), eq(Collections.emptyMap()), eq("ambari-upgrade"), @@ -307,23 +321,23 @@ public class UpgradeCatalog300Test { Map<String, String> oldLogFeederOutputConf = ImmutableMap.of( "content", " \"zk_connect_string\":\"{{logsearch_solr_zk_quorum}}{{logsearch_solr_zk_znode}}\",\n" + - " \"collection\":\"{{logsearch_solr_collection_service_logs}}\",\n" + - " \"number_of_shards\": \"{{logsearch_collection_service_logs_numshards}}\",\n" + - " \"splits_interval_mins\": \"{{logsearch_service_logs_split_interval_mins}}\",\n" + - "\n" + - " \"zk_connect_string\":\"{{logsearch_solr_zk_quorum}}{{logsearch_solr_zk_znode}}\",\n" + - " \"collection\":\"{{logsearch_solr_collection_audit_logs}}\",\n" + - " \"number_of_shards\": \"{{logsearch_collection_audit_logs_numshards}}\",\n" + - " \"splits_interval_mins\": \"{{logsearch_audit_logs_split_interval_mins}}\",\n" + " \"collection\":\"{{logsearch_solr_collection_service_logs}}\",\n" + + " \"number_of_shards\": \"{{logsearch_collection_service_logs_numshards}}\",\n" + + " \"splits_interval_mins\": \"{{logsearch_service_logs_split_interval_mins}}\",\n" + + "\n" + + " \"zk_connect_string\":\"{{logsearch_solr_zk_quorum}}{{logsearch_solr_zk_znode}}\",\n" + + " \"collection\":\"{{logsearch_solr_collection_audit_logs}}\",\n" + + " \"number_of_shards\": \"{{logsearch_collection_audit_logs_numshards}}\",\n" + + " \"splits_interval_mins\": \"{{logsearch_audit_logs_split_interval_mins}}\",\n" ); Map<String, String> expectedLogFeederOutputConf = ImmutableMap.of( "content", " \"zk_connect_string\":\"{{logsearch_solr_zk_quorum}}{{logsearch_solr_zk_znode}}\",\n" + - " \"type\": \"service\",\n" + - "\n" + - " \"zk_connect_string\":\"{{logsearch_solr_zk_quorum}}{{logsearch_solr_zk_znode}}\",\n" + - " \"type\": \"audit\",\n" + " \"type\": \"service\",\n" + + "\n" + + " \"zk_connect_string\":\"{{logsearch_solr_zk_quorum}}{{logsearch_solr_zk_znode}}\",\n" + + " \"type\": \"audit\",\n" ); Config logFeederOutputConf = easyMockSupport.createNiceMock(Config.class); @@ -343,10 +357,10 @@ public class UpgradeCatalog300Test { new UpgradeCatalog300(injector2).updateLogSearchConfigs(); easyMockSupport.verifyAll(); - Map<String,String> newLogFeederProperties = logFeederPropertiesCapture.getValue(); + Map<String, String> newLogFeederProperties = logFeederPropertiesCapture.getValue(); assertTrue(Maps.difference(expectedLogFeederProperties, newLogFeederProperties).areEqual()); - Map<String,String> newLogSearchProperties = logSearchPropertiesCapture.getValue(); + Map<String, String> newLogSearchProperties = logSearchPropertiesCapture.getValue(); assertTrue(Maps.difference(Collections.emptyMap(), newLogSearchProperties).areEqual()); Map<String, String> updatedLogFeederLog4j = logFeederLog4jCapture.getValue(); @@ -364,4 +378,90 @@ public class UpgradeCatalog300Test { Map<String, String> updatedLogFeederOutputConf = logFeederOutputConfCapture.getValue(); assertTrue(Maps.difference(expectedLogFeederOutputConf, updatedLogFeederOutputConf).areEqual()); } + + @Test + public void testUpdateKerberosConfigurations() throws AmbariException, NoSuchFieldException, IllegalAccessException { + StackId stackId = new StackId("HDP", "2.6.0.0"); + + Map<String, Cluster> clusterMap = new HashMap<>(); + + Map<String, String> propertiesWithGroup = new HashMap<>(); + propertiesWithGroup.put("group", "ambari_managed_identities"); + propertiesWithGroup.put("kdc_host", "host1.example.com"); + + Config newConfig = createMock(Config.class); + expect(newConfig.getTag()).andReturn("version2").atLeastOnce(); + expect(newConfig.getType()).andReturn("kerberos-env").atLeastOnce(); + + ServiceConfigVersionResponse response = createMock(ServiceConfigVersionResponse.class); + + Config configWithGroup = createMock(Config.class); + expect(configWithGroup.getProperties()).andReturn(propertiesWithGroup).atLeastOnce(); + expect(configWithGroup.getPropertiesAttributes()).andReturn(Collections.emptyMap()).atLeastOnce(); + expect(configWithGroup.getTag()).andReturn("version1").atLeastOnce(); + + Cluster cluster1 = createMock(Cluster.class); + expect(cluster1.getDesiredConfigByType("kerberos-env")).andReturn(configWithGroup).atLeastOnce(); + expect(cluster1.getConfigsByType("kerberos-env")).andReturn(Collections.singletonMap("v1", configWithGroup)).atLeastOnce(); + expect(cluster1.getServiceByConfigType("kerberos-env")).andReturn("KERBEROS").atLeastOnce(); + expect(cluster1.getClusterName()).andReturn("c1").atLeastOnce(); + expect(cluster1.getDesiredStackVersion()).andReturn(stackId).atLeastOnce(); + expect(cluster1.getConfig(eq("kerberos-env"), anyString())).andReturn(newConfig).atLeastOnce(); + expect(cluster1.addDesiredConfig("ambari-upgrade", Collections.singleton(newConfig), "Updated kerberos-env during Ambari Upgrade from 2.6.0 to 3.0.0.")).andReturn(response).once(); + + Map<String, String> propertiesWithoutGroup = new HashMap<>(); + propertiesWithoutGroup.put("kdc_host", "host2.example.com"); + + Config configWithoutGroup = createMock(Config.class); + expect(configWithoutGroup.getProperties()).andReturn(propertiesWithoutGroup).atLeastOnce(); + + Cluster cluster2 = createMock(Cluster.class); + expect(cluster2.getDesiredConfigByType("kerberos-env")).andReturn(configWithoutGroup).atLeastOnce(); + + Cluster cluster3 = createMock(Cluster.class); + expect(cluster3.getDesiredConfigByType("kerberos-env")).andReturn(null).atLeastOnce(); + + clusterMap.put("c1", cluster1); + clusterMap.put("c2", cluster2); + clusterMap.put("c3", cluster3); + + Clusters clusters = createMock(Clusters.class); + expect(clusters.getClusters()).andReturn(clusterMap).anyTimes(); + + Capture<Map<String, String>> capturedProperties = newCapture(); + + AmbariManagementControllerImpl controller = createMockBuilder(AmbariManagementControllerImpl.class) + .addMockedMethod("createConfiguration") + .addMockedMethod("getClusters", new Class[]{}) + .addMockedMethod("createConfig") + .createMock(); + expect(controller.getClusters()).andReturn(clusters).anyTimes(); + expect(controller.createConfig(eq(cluster1), eq(stackId), eq("kerberos-env"), capture(capturedProperties), anyString(), anyObject(Map.class))).andReturn(newConfig).once(); + + + Injector injector = createNiceMock(Injector.class); + expect(injector.getInstance(AmbariManagementController.class)).andReturn(controller).anyTimes(); + + replay(controller, clusters, cluster1, cluster2, configWithGroup, configWithoutGroup, newConfig, response, injector); + + Field field = AbstractUpgradeCatalog.class.getDeclaredField("configuration"); + + UpgradeCatalog300 upgradeCatalog300 = new UpgradeCatalog300(injector); + field.set(upgradeCatalog300, configuration); + upgradeCatalog300.updateKerberosConfigurations(); + + verify(controller, clusters, cluster1, cluster2, configWithGroup, configWithoutGroup, newConfig, response, injector); + + + Assert.assertEquals(1, capturedProperties.getValues().size()); + + Map<String, String> properties = capturedProperties.getValue(); + Assert.assertEquals(2, properties.size()); + Assert.assertEquals("ambari_managed_identities", properties.get("ipa_user_group")); + Assert.assertEquals("host1.example.com", properties.get("kdc_host")); + + Assert.assertEquals(2, propertiesWithGroup.size()); + Assert.assertEquals("ambari_managed_identities", propertiesWithGroup.get("group")); + Assert.assertEquals("host1.example.com", propertiesWithGroup.get("kdc_host")); + } } http://git-wip-us.apache.org/repos/asf/ambari/blob/f844e5f3/ambari-server/src/test/python/stacks/2.5/configs/ranger-admin-secured.json ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/python/stacks/2.5/configs/ranger-admin-secured.json b/ambari-server/src/test/python/stacks/2.5/configs/ranger-admin-secured.json index 288d155..69000df 100644 --- a/ambari-server/src/test/python/stacks/2.5/configs/ranger-admin-secured.json +++ b/ambari-server/src/test/python/stacks/2.5/configs/ranger-admin-secured.json @@ -432,9 +432,7 @@ "create_ambari_principal": "true", "service_check_principal_name": "${cluster_name|toLower()}-${short_date}", "executable_search_paths": "/usr/bin, /usr/kerberos/bin, /usr/sbin, /usr/lib/mit/bin, /usr/lib/mit/sbin", - "password_chat_timeout": "5", "kdc_type": "mit-kdc", - "set_password_expiry": "false", "password_min_punctuation": "1", "container_dn": "", "case_insensitive_username_rules": "false", http://git-wip-us.apache.org/repos/asf/ambari/blob/f844e5f3/ambari-server/src/test/python/stacks/2.5/configs/ranger-kms-secured.json ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/python/stacks/2.5/configs/ranger-kms-secured.json b/ambari-server/src/test/python/stacks/2.5/configs/ranger-kms-secured.json index f7f054a..daef35d 100644 --- a/ambari-server/src/test/python/stacks/2.5/configs/ranger-kms-secured.json +++ b/ambari-server/src/test/python/stacks/2.5/configs/ranger-kms-secured.json @@ -529,9 +529,7 @@ "create_ambari_principal": "true", "service_check_principal_name": "${cluster_name|toLower()}-${short_date}", "executable_search_paths": "/usr/bin, /usr/kerberos/bin, /usr/sbin, /usr/lib/mit/bin, /usr/lib/mit/sbin", - "password_chat_timeout": "5", "kdc_type": "mit-kdc", - "set_password_expiry": "false", "password_min_punctuation": "1", "container_dn": "", "case_insensitive_username_rules": "false", http://git-wip-us.apache.org/repos/asf/ambari/blob/f844e5f3/ambari-server/src/test/python/stacks/2.6/configs/ranger-admin-secured.json ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/python/stacks/2.6/configs/ranger-admin-secured.json b/ambari-server/src/test/python/stacks/2.6/configs/ranger-admin-secured.json index 38b5906..06b247a 100644 --- a/ambari-server/src/test/python/stacks/2.6/configs/ranger-admin-secured.json +++ b/ambari-server/src/test/python/stacks/2.6/configs/ranger-admin-secured.json @@ -456,9 +456,7 @@ "create_ambari_principal": "true", "service_check_principal_name": "${cluster_name|toLower()}-${short_date}", "executable_search_paths": "/usr/bin, /usr/kerberos/bin, /usr/sbin, /usr/lib/mit/bin, /usr/lib/mit/sbin", - "password_chat_timeout": "5", "kdc_type": "mit-kdc", - "set_password_expiry": "false", "password_min_punctuation": "1", "container_dn": "", "case_insensitive_username_rules": "false", http://git-wip-us.apache.org/repos/asf/ambari/blob/f844e5f3/ambari-server/src/test/resources/PreconfigureActionTest_cluster_config.json ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/resources/PreconfigureActionTest_cluster_config.json b/ambari-server/src/test/resources/PreconfigureActionTest_cluster_config.json index 2a744c7..0b357e9 100644 --- a/ambari-server/src/test/resources/PreconfigureActionTest_cluster_config.json +++ b/ambari-server/src/test/resources/PreconfigureActionTest_cluster_config.json @@ -95,7 +95,6 @@ "manage_auth_to_local": "true", "manage_identities": "true", "master_kdc": "", - "password_chat_timeout": "5", "password_length": "20", "password_min_digits": "1", "password_min_lowercase_letters": "1", @@ -104,7 +103,6 @@ "password_min_whitespace": "0", "preconfigure_services": "DEFAULT", "realm": "EXAMPLE.COM", - "service_check_principal_name": "${cluster_name|toLower()}-${short_date}", - "set_password_expiry": "false" + "service_check_principal_name": "${cluster_name|toLower()}-${short_date}" } } \ No newline at end of file http://git-wip-us.apache.org/repos/asf/ambari/blob/f844e5f3/ambari-web/app/controllers/main/admin/kerberos/step2_controller.js ---------------------------------------------------------------------- diff --git a/ambari-web/app/controllers/main/admin/kerberos/step2_controller.js b/ambari-web/app/controllers/main/admin/kerberos/step2_controller.js index 05b0b31..a97e04e 100644 --- a/ambari-web/app/controllers/main/admin/kerberos/step2_controller.js +++ b/ambari-web/app/controllers/main/admin/kerberos/step2_controller.js @@ -46,7 +46,7 @@ App.KerberosWizardStep2Controller = App.WizardStep7Controller.extend(App.KDCCred type: Em.I18n.t('admin.kerberos.wizard.step1.option.kdc') }, 'ipa': { - configNames: ['group', 'set_password_expiry', 'password_chat_timeout'], + configNames: ['ipa_user_group'], type: Em.I18n.t('admin.kerberos.wizard.step1.option.ipa') } },
